Privacy Policy

Okay, I know this is boring stuff, but it’s information you need to know:

This document is the privacy policy adopted by Carol Schlorff, and concerns the principles of processing personal data collected from individuals through the site:

The Privacy Policy document is an expression of caring for the rights of visitors to the website as well as the fulfillment of the information obligation resulting from:

Article 13 of Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and the repealing of Directive 95/46/EC (General Data Protection Regulation) (OJ 2016/679). UE L 119, 4.05.2016, p. 1) (hereinafter referred to as GDPR).

  1. Data Administrator
  • The administrator of your personal data is Carol Schlorff, Krakow, Poland.
  • The administrator has not appointed a Data Protection Officer. In matters related to data protection, please contact me by e-mail at:
  1. The basis, purpose and scope of data processing, i.e. what data I collect, why and how it’s processed
  • The data is processed on the basis of art. 6 par.1 lit. a) GDPR, i.e. on the basis of the consent of the person – the owner of the data
  • The processed personal data is: e-mail address, IP address, and name and surname if you provided it in the e-mail to me
  • I process the data to contact the person who expressed such a wish by sending an e-mail to the Data Administrator or signing up to be notified of future book releases.
  • If the person has expressed such a request in the e-mail, the e-mail address provided will also be used to send information about activities related to events as part of the book activities of the Data Administrator and information about new books.
  • Personal data will be processed for the entire duration of the website’s operation, unless consent to processing is withdrawn earlier.
  • In the event of withdrawal of consent, the data will be removed from the portal’s resources, with the exception of data necessary to demonstrate that the request has been correctly fulfilled (the basis of Article 17 paragraph 3 letter e) – i.e. the e-mail with the request and the response to it.
  1. Who has access to the data collected through the website
  • Access to the data collected through the website is available only to persons authorized by the Data Administrator
  • The Administrator does not sell or share data with third parties, except when such disclosure results from applicable law obliging the Administrator of personal data to transfer them to authorized entities.
  • The administrator collects website logs; however, it does not associate them in any way with personal data. Based on log files, statistics can be generated to help administer the website. Aggregate summaries in the form of such statistics do not contain any features identifying visitors to the website.
  1. Rights of the owner of personal data

In accordance with Articles 15 – 22 of the GDPR, each user has the following rights:

Right of access

The data subject shall be entitled to obtain from the Administrator confirmation as to whether or not personal data concerning him or her are being processed and, if so, to access them.

Right to rectification

The data subject has the right to request the Administrator to rectify inaccurate personal data concerning him or her without undue delay.

Right to erasure (“right to be forgotten”)

The data subject has the right to request the Administrator to immediately delete personal data concerning him/her,

Right to restriction of processing

The data subject shall have the right to request the Administrator to restrict processing in the following cases:

When the data is incorrect – in time to correct it

The data subject has objected to processing pursuant to Article 21(1), pending a determination of whether the legitimate grounds of the controller override those of the data subject.

The processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of their use instead

Right to data portability

Right to object

Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to the processing of personal data concerning him or her for such marketing, including profiling, to the extent that the processing is related to such direct marketing.

  1. Exercise of rights

After receiving the notification, the Administrator takes action to confirm the identity of the person submitting the request.

In accordance with the law, the Administrator grants the person who submitted the request a response to the actions taken. If the Administrator does not take such actions, he will inform the person submitting the request about this fact.

The data subject has the right to lodge a complaint to the Supervisory Body, i.e. to the President of the Office for Personal Data Protection (President of UODO), ul. Stawki 2, 00-193 Warsaw, tel. 22 531 03 00, fax. 22 531 03 01,

Cookie Mechanism. Links to other sites

  1. Some areas and functions of the website may use cookies, i.e. text files that are saved on the visitor’s computer.
  2. Cookies are used to a) enable the efficient use of websites, b) ensure security when using websites.
  3. The website uses “session” cookies (saved until you leave the site, close the browser) and permanent cookies (saved on your computer for a specified period of time).
  4. Your web browser allows the use of cookies on your device by default, so at the first visit I ask for your consent to the use of cookies.
  5. You can withdraw your consent to the use of cookies at any time – to do this, change the settings in your web browser – you can completely block the automatic handling of cookies or request notification of each time cookies are placed on your device. You can change your settings at any time.

Changes to the Privacy Policy

The Website Administrator reserves the right to change the above privacy policy at any time and place, while committing to immediately publish a new privacy policy on the website and inform all registered users about this fact.